﻿ <?php
  session_start();
  header("Content-type: text/html; charset=utf-8");
  include("../corePage/common.php");
  if(isset($_REQUEST["submit"])){
  $username = $_REQUEST['username'];
  $username = html_str_replace($username);
  $password = $_REQUEST['password'];
  $password = html_str_replace($password);
  #查询用户信息
  $sql="select * from ".$database_prefix."_user where $username_field = '$username' and $password_field = '$password' and level > 0";
  $userObject = select_Object($sql);
  if($userObject){
    $userId = $userObject['id'];
    $level = $userObject['level'];
    $_SESSION['sysUserId'] = $userId;
    $_SESSION['sysUserLevel'] = $level;
    $_SESSION['sysLoginStauts'] = 1;
  ?>
  <script>window.location.href="<?php echo $domainName.'/'.$projectName.'/viewPage/userList.php' ?>";</script>
  <?php
  }else{
    unset($_SESSION['sysUserId']);
    unset($_SESSION['sysUserLevel']);
    $_SESSION['sysLoginStauts'] = 0;
    ?>
  <script>alert("登录失败");window.location.href="<?php echo $domainName.'/'.$projectName.'/viewPage/login.php' ?>";</script>
  <?php
  }
  mysql_free_result($result);
  //释放结果
  mysql_close();
  //关闭连接
}else{
   ?>
  <script>alert("登录失败");window.location.href="<?php echo $domainName.'/'.$projectName.'/viewPage/login.php' ?>";</script>
   <?php
}
?>
